Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/b2e3d3-32ed-4bb2-acf6-204148c5a017/1/WrRyezZpiD80IRpQerJvFY2o57k.roa
File: WrRyezZpiD80IRpQerJvFY2o57k.roa (raw, json)
Hash identifier: jwCGxl7VnhwGu8+Sz9xty1CdIyCub++bA9l19ulxzic=
Subject key identifier: 5A:B4:72:7B:36:69:88:3F:34:21:1A:50:7A:B2:6F:15:8D:A8:E7:B9
Certificate issuer: /CN=359ddc737684ce041754a95b56b5a076d8851048
Certificate serial: 018CC492F5BC89B7AF0D1CAD95AE646CC7B4
Authority key identifier: 35:9D:DC:73:76:84:CE:04:17:54:A9:5B:56:B5:A0:76:D8:85:10:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NZ3cc3aEzgQXVKlbVrWgdtiFEEg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/b2e3d3-32ed-4bb2-acf6-204148c5a017/1/WrRyezZpiD80IRpQerJvFY2o57k.roa
Signing time: Mon 01 Jan 2024 10:30:14 +0000
ROA not before: Mon 01 Jan 2024 10:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207264
IP address blocks: 185.117.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:f5:bc:89:b7:af:0d:1c:ad:95:ae:64:6c:c7:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=359ddc737684ce041754a95b56b5a076d8851048
Validity
Not Before: Jan 1 10:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5ab4727b3669883f34211a507ab26f158da8e7b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:0c:61:39:4f:71:9f:e6:00:09:c2:39:1b:52:
fe:61:ba:13:c4:63:d1:46:46:a2:8e:ff:5d:ed:00:
bc:07:49:03:3f:ac:5c:31:e3:da:9b:78:bf:3a:29:
6c:6d:f2:e9:61:d6:54:14:03:4d:db:85:04:6d:3b:
d6:5f:93:22:1c:c3:ae:3d:ec:83:35:f2:61:a6:c0:
16:1a:47:b1:9c:c5:0e:db:68:00:97:b1:02:9d:bd:
f4:e9:0a:eb:e9:df:a1:42:82:c1:b8:b5:d2:9f:fa:
06:54:fa:eb:91:3d:41:af:f3:67:e4:d4:d1:77:43:
a7:73:9a:df:35:cf:0d:2a:3c:51:44:ba:aa:2b:fb:
d9:17:55:32:24:79:9b:64:12:ab:ae:8c:3d:de:ac:
5a:05:60:88:d5:67:49:f5:6c:e1:03:38:f7:ad:cb:
11:3c:f9:0b:ad:3e:0e:b3:55:61:a2:e9:2b:89:5d:
01:33:54:17:88:24:18:8e:94:42:fe:65:45:a8:13:
e4:6f:cb:df:63:1a:c7:68:2e:42:86:3d:d4:ae:d6:
e8:ee:dc:f0:7b:ce:7e:c7:f0:4d:1f:76:70:f7:3d:
13:ab:74:92:2e:16:99:f8:f1:cc:f1:97:a5:c1:af:
76:6c:fc:11:97:f7:0c:92:96:9d:3e:4f:a6:82:23:
d4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B4:72:7B:36:69:88:3F:34:21:1A:50:7A:B2:6F:15:8D:A8:E7:B9
X509v3 Authority Key Identifier:
keyid:35:9D:DC:73:76:84:CE:04:17:54:A9:5B:56:B5:A0:76:D8:85:10:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NZ3cc3aEzgQXVKlbVrWgdtiFEEg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b2e3d3-32ed-4bb2-acf6-204148c5a017/1/WrRyezZpiD80IRpQerJvFY2o57k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/b2e3d3-32ed-4bb2-acf6-204148c5a017/1/NZ3cc3aEzgQXVKlbVrWgdtiFEEg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.98.0/24
Signature Algorithm: sha256WithRSAEncryption
54:8f:5b:06:c3:36:b6:47:2e:65:0f:b6:8e:9f:f0:68:eb:6c:
a1:f0:7d:d3:d8:07:d6:4d:1b:51:da:24:e3:97:4a:3b:21:fa:
43:5a:39:08:91:c9:e6:c8:63:cb:32:07:9e:00:ba:0a:91:34:
6b:46:c1:09:40:59:56:db:b9:31:40:7b:0f:45:e6:ed:25:1c:
fd:d2:46:c1:e1:24:59:b4:4e:ae:47:0d:66:eb:a1:97:38:65:
c3:c9:2a:c7:bc:16:d7:5b:4f:0f:76:52:d2:31:2a:f3:41:10:
5f:c0:d1:47:5a:34:bc:e8:e8:19:83:cd:ae:e9:b2:ff:2b:9b:
a5:7b:c0:36:86:bf:cf:80:0d:ca:77:44:b7:d2:ce:93:30:44:
55:ea:b2:34:b2:8d:5d:05:9c:45:36:fb:f3:93:64:f6:91:f3:
3b:d5:25:72:cb:f2:e4:f5:ee:b2:96:dd:8e:2a:66:31:70:45:
e4:ee:aa:a7:fb:8d:67:c7:66:ea:bc:5d:b3:f6:ad:39:01:c3:
26:02:8c:e4:f9:e5:4a:f3:d1:6a:e3:3b:b3:3b:49:09:2e:94:
c8:65:29:a8:00:fa:10:70:9a:57:29:ef:c8:60:9c:30:af:ad:
4d:b3:c6:a3:70:75:05:cd:ba:76:e2:8d:dd:f5:50:24:01:6e:
b2:52:97:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEkvW8ibevDRytla5kbMe0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1OWRkYzczNzY4NGNlMDQxNzU0YTk1YjU2YjVhMDc2ZDg4
NTEwNDgwHhcNMjQwMTAxMTAzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWI0NzI3YjM2Njk4ODNmMzQyMTFhNTA3YWIyNmYxNThkYThlN2I5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgQxhOU9xn+YACcI5G1L+YboTxGPR
Rkaijv9d7QC8B0kDP6xcMePam3i/OilsbfLpYdZUFANN24UEbTvWX5MiHMOuPeyD
NfJhpsAWGkexnMUO22gAl7ECnb306Qrr6d+hQoLBuLXSn/oGVPrrkT1Br/Nn5NTR
d0Onc5rfNc8NKjxRRLqqK/vZF1UyJHmbZBKrrow93qxaBWCI1WdJ9WzhAzj3rcsR
PPkLrT4Os1VhoukriV0BM1QXiCQYjpRC/mVFqBPkb8vfYxrHaC5Chj3Urtbo7tzw
e85+x/BNH3Zw9z0Tq3SSLhaZ+PHM8Zelwa92bPwRl/cMkpadPk+mgiPUyQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFq0cns2aYg/NCEaUHqybxWNqOe5MB8GA1UdIwQY
MBaAFDWd3HN2hM4EF1SpW1a1oHbYhRBIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlozY2MzYUV6Z1FYVktsYlZyV2dkdGlGRUVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9iMmUzZDMtMzJlZC00YmIyLWFjZjYt
MjA0MTQ4YzVhMDE3LzEvV3JSeWV6WnBpRDgwSVJwUWVySnZGWTJvNTdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9iMmUzZDMtMzJlZC00YmIyLWFjZjYtMjA0MTQ4YzVhMDE3
LzEvTlozY2MzYUV6Z1FYVktsYlZyV2dkdGlGRUVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuXViMA0G
CSqGSIb3DQEBCwUAA4IBAQBUj1sGwza2Ry5lD7aOn/Bo62yh8H3T2AfWTRtR2iTj
l0o7IfpDWjkIkcnmyGPLMgeeALoKkTRrRsEJQFlW27kxQHsPRebtJRz90kbB4SRZ
tE6uRw1m66GXOGXDySrHvBbXW08PdlLSMSrzQRBfwNFHWjS86OgZg82u6bL/K5ul
e8A2hr/PgA3Kd0S30s6TMERV6rI0so1dBZxFNvvzk2T2kfM71SVyy/Lk9e6ylt2O
KmYxcEXk7qqn+41nx2bqvF2z9q05AcMmAozk+eVK89Fq4zuzO0kJLpTIZSmoAPoQ
cJpXKe/IYJwwr61Ns8ajcHUFzbp24o3d9VAkAW6yUpdw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:51:03 2025 by rpki-client